This repository was archived by the owner on Feb 15, 2022. It is now read-only.

Update read-package-json, setup GitHub action #54

Open: wants to merge 6 commits into base: master

@DarthHater DarthHater commented Apr 6, 2021

hosted-git-info, which is a transitive dependency of read-package-json, has the following CVE filed against it for versions prior to 3.0.8: https://nvd.nist.gov/vuln/detail/CVE-2021-23362

This PR just bumps read-package-json, which brings it in, to a newer version which brings in a much newer version of hosted-git-info.

I also added a bare-bones GitHub action to run tests. I ran npm test before I did this update, and after, and it failed mostly the same (it seems the tests weren't updated in the past for changes?)

Evidence of the action working can be seen on my fork: https://github.com/DarthHater/read-installed/actions/runs/721565318

I can send a separate PR that fixes the tests, and updates them to what they would be now, I'd just want someone to confirm I'm on the right path!

cc @bhamail

We use this project at Sonatype on a couple of our tools, and have always dug it! We've been using list-installed nowadays, but there are still plenty of projects that rely on read-installed, and we'd love to help out when we can :)
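A bump like the one described above can be verified by checking the lockfile for leftover copies of the transitive package. The following is an added example, not part of this PR or of read-installed; `isBelow`, `findAffected` and `sampleLock` are hypothetical names and constructed data, and the 3.0.8 threshold is the one given in the PR description.

```javascript
// Added example, not code from this PR. Package name and the 3.0.8 threshold
// come from the PR description; sampleLock is constructed for illustration.

// Compare "x.y.z" numerically; prerelease/build suffixes are ignored.
function isBelow(version, fixed) {
  const a = version.split(/[-+]/)[0].split('.').map(Number);
  const b = fixed.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if ((a[i] || 0) !== (b[i] || 0)) return (a[i] || 0) < (b[i] || 0);
  }
  return false;
}

// Walk the nested "dependencies" tree of a package-lock.json (lockfileVersion 1
// layout). Returns each installed copy of `name` below `fixed`, plus every
// package whose "requires" range pulls `name` in.
function findAffected(lock, name, fixed) {
  const hits = [];
  const requiredBy = [];
  (function walk(deps, trail) {
    for (const [dep, info] of Object.entries(deps || {})) {
      const here = trail.concat(dep);
      if (dep === name && isBelow(info.version, fixed)) {
        hits.push({ path: here.join(' > '), version: info.version });
      }
      if (info.requires && info.requires[name]) {
        requiredBy.push(`${dep}@${info.version} (${info.requires[name]})`);
      }
      walk(info.dependencies, here);
    }
  })(lock.dependencies, []);
  return { hits, requiredBy };
}

// Constructed lockfile: one hoisted old copy, one nested copy at the threshold.
const sampleLock = {
  lockfileVersion: 1,
  dependencies: {
    'hosted-git-info': { version: '2.8.8' },
    'normalize-package-data': {
      version: '2.5.0', requires: { 'hosted-git-info': '^2.1.4' }
    },
    'other-tool': { // hypothetical package
      version: '1.0.0', requires: { 'hosted-git-info': '^3.0.8' },
      dependencies: { 'hosted-git-info': { version: '3.0.8' } }
    }
  }
};

console.log(findAffected(sampleLock, 'hosted-git-info', '3.0.8'));
```

The `requiredBy` list shows which parent ranges still pin the old major line, which is what a parent bump has to change.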

bhamail commented Apr 7, 2021

Note, if applied, this PR Fixes #53
